Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

New VMware Security Advisory VMSA-2018-0031

0
0

Today, VMware has released the following new security advisory:

“VMSA-2018-0031 vRealize Operations updates address a local privilege escalation vulnerability ”

This documents the remediation of an important severity local privilege escalation vulnerability ( CVE-2018-6978 ) in vRealize Operations (vROps). The issue exists due to improper permissions of support scripts. Admin ** user of the vROps application with shell access may exploit this issue to elevate the privileges to root on a vROps machine.

**The admin user (non-sudoer) should not be confused with root of the vROps machine.

We would like to thank Alessandro Zanni, pentester at OVH for reporting this issue to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisories and direct any questions toVMware Support.


Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles





Latest Images